1. 1 Automated SFTP Windows and SUN Linux and SUN

2. 2 Vocabulary  Client = local=the machine generating the SFTP request  Server = remote = the machine willing and ready to accept the SFTP request

3. 3 Why  Security!  Why since all traffic is behind the firewall? “only 14% of network security breaches originate outside the network “ Steve Solomon President and CEO of Citadel

4. 4 WinSCP  Install WinSCP  Run WinSCP  Cache the host key Answer “Yes”

5. 5 Command Line on Windows  Path to the executable  Log communication Helps with troubleshooting  Name of the script  Run at the DOS command prompt "Program Files\WinSCP\WinSCP.exe" /log="C:\sftplog" /script="C:\suntransfer.txt"

6. 6 Script Windows to SUN The below script will place a copy of a file currently in the c:\ folder on the Windows machine, on to the user’s home directory on the SUN # Automatically answer all prompts negatively not to hang # the script on errors option batch on # Disable overwrite confirmations option confirm off # Connect using a password open username:password@172.19.13.10 # Change remote directory cd /home/ username # Set mode transfer option transfer ascii # Upload file from the local directory C:\ to $HOME put “C:\MYFILE” MYFILE # Disconnect close # Exit WinSCP exit

7. 7 Script SUN to Windows The below script will place a copy of a file currently in the user’s home directory on the SUN, on to the c:\ folder on the Windows machine. # Automatically answer all prompts negatively not to abort # the script on errors option batch on # Disable overwrite confirmations option confirm off # Connect using a user name and password open username:password@172.19.13.10 # Change remote directory cd /home/ username # Set mode transfer option transfer ascii # Download file to the local directory C:\ from $HOME get MYFILE "C:\MYFILE" # Disconnect close # Exit WinSCP exit

8. 8 SUN to Linux Basics  Linux must be running SFTP client/server  Network must allow traffic on port 22  Generate Key pairs  Place public key  Allows passwordless authentication  Command line scp  sftp with a batch file

9. 9 Generate Key Pairs  On the client (linux) run:  Hit enter to answer all the prompts  This generated 2 files in your $HOME/.ssh directory:  Chmod on.ssh to 700  Chmod on id_dsa to 600 /opt/security/openssh3.1/bin/ssh-keygen -t dsa id_dsa id_dsa.pub

10. 10 Place Public Key on Server (Sun)  copy the contents of id_dsa.pub to a file in your.ssh directory on to the Sun machine to a file named authorized_keys Use interactive sftp initiated on the client to do this Be sure contents is copied as one continuous line. Be sure the last part of the line is the string passed when you connect, such as: myname@linuxboxmyname@linuxbox or myname@123.123.123.123myname@123.123.123.123 $ sftp username@123.123.123.222 Connecting to 123.123.123.222... Warning: Permanently added '123.123.123.222' (DSA) to the list of known hosts. mylinuxname@123.123.123.222's password: sftp> mkdir.ssh sftp> cd.ssh sftp> put /home/mysun/.ssh/id_dsa.pub authorized_keys Uploading /home/mysun/.ssh/id_dsa.pub to /home/mylinuxname/.ssh/authorized_keys /home/mysun/.ssh/id_dsa.pub 100% 602 0.6KB/s 00:00 sftp> bye

11. 11 Command scp  Enter this command on the Linux System to transfer a file from the SUN to the Linux:  Enter this command on the Linux machine to get a file on the Linux box and place it on the SUN System  Or use SFTP with a batch file on the Linux box Batch file contents: Command to activate the batch file: scp mysunname@123.123.123.222:myfile /home/mylinuxname/myfile scp /home/mylinuxname/myfile mysunname@123.123.123.222:myfile get /home/mysunname/myfile /home/mylinuxname/myfile bye sftp –b /path/to/mybatchfile mylinuxname@123.123.123.222

12. 12 Helpful Tip  If another version of SFTP is used on a windows machine, it may not deal with end of line very well.  Run dos2unix command on the SUN dos2unix badfile > goodfile